Tuesday, 1 February 2011

HP OpenView Performance Insight Server Backdoor Account Vulnerability

TippingPoint's Zero Day Initiative (ZDI) have published an advisory for a remote backdoor account vulnerability which leads to privileged code execution in Hewlett Packard's OpenView Performance Insight Server. HP managed to patch this vulnerability after a lengthy 461 days. This vulnerability was discovered by Stephen Fewer of Harmony Security.

You can read the full ZDI advisory here:
http://www.zerodayinitiative.com/advisories/ZDI-11-034/

No comments: